Oracle fixes critical RCE flaw CVE-2026-21992 in Identity Manager
Oracle fixes critical RCE flaw CVE-2026-21992 in Identity Manager Pierluigi Paganini March 22, 2026 Oracle fixed a critical severity flaw,...
flaw
PolyShell flaw exposes Magento and Adobe Commerce to file upload attacks
PolyShell flaw exposes Magento and Adobe Commerce to file upload attacks Pierluigi Paganini March 21, 2026 Sansec found a Magento...
Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure
A critical security flaw impacting Langflow has come under active exploitation within 20 hours of public disclosure, highlighting the speed...
Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover
Ravie LakshmananMar 20, 2026Web Security / Vulnerability Sansec is warning of a critical security flaw in Magento's REST API that...
Critical Ubiquiti UniFi UniFi security flaw allows potential account hijacking
Critical Ubiquiti UniFi UniFi security flaw allows potential account hijacking Pierluigi Paganini March 19, 2026 Ubiquiti fixed two UniFi vulnerabilities,...
U.S. CISA adds a flaw in Cisco FMC and Cisco SCC Firewall Management to its Known Exploited Vulnerabilities catalog
U.S. CISA adds a flaw in Cisco FMC and Cisco SCC Firewall Management to its Known Exploited Vulnerabilities catalog Pierluigi...
Russian APT targets Ukraine via Zimbra XSS flaw CVE-2025-66376
Russian APT targets Ukraine via Zimbra XSS flaw CVE-2025-66376 Pierluigi Paganini March 19, 2026 Russian APT exploits a critical XSS...
Interlock group exploiting the CISCO FMC flaw CVE-2026-20131 36 days before disclosure
Interlock group exploiting the CISCO FMC flaw CVE-2026-20131 36 days before disclosure Pierluigi Paganini March 19, 2026 The Interlock ransomware...
Researchers warn of unpatched, critical Telnetd flaw affecting all versions
Researchers warn of unpatched, critical Telnetd flaw affecting all versions Pierluigi Paganini March 18, 2026 CVE-2026-32746 is a critical flaw...
U.S. CISA adds a flaw in Wing FTP Server to its Known Exploited Vulnerabilities catalog
U.S. CISA adds a flaw in Wing FTP Server to its Known Exploited Vulnerabilities catalog Pierluigi Paganini March 16, 2026...
U.S. CISA adds a flaw in n8n to its Known Exploited Vulnerabilities catalog
U.S. CISA adds a flaw in n8n to its Known Exploited Vulnerabilities catalog Pierluigi Paganini March 12, 2026 The U.S....
Apple Issues Security Updates for Older iOS Devices Targeted by Coruna WebKit Exploit
Ravie LakshmananMar 12, 2026Vulnerability / Malware Apple on Wednesday backported fixes for a security flaw in iOS, iPadOS, and macOS...
Critical Nginx UI flaw CVE-2026-27944 exposes server backups
Critical Nginx UI flaw CVE-2026-27944 exposes server backups Pierluigi Paganini March 08, 2026 Nginx UI flaw CVE-2026-27944 lets attackers download...
Perplexity AI Browser Flaw Could Let Calendar Invites Access Local Files
Image: Perplexity A security flaw in Perplexity’s AI-powered Comet browser could have allowed attackers to access files on a user’s...
Android devices hit by exploited Qualcomm flaw CVE-2026-21385
Android devices hit by exploited Qualcomm flaw CVE-2026-21385 Pierluigi Paganini March 03, 2026 Google confirms that the Qualcomm Android vulnerability...